DATA SECURITY

Global VM Market Sees Strong Growth Due to Rise in Cyber Threats, Finds Frost & Sullivan

Frost & Sullivan | October 07, 2021

Frost & Sullivan's recent analysis on the Global Vulnerability Management Market finds that enterprises are becoming more vulnerable to cyber-attacks as they embrace digital transformation initiatives. This is due to an expanded attack surface resulting from multiple touchpoints through an open network and easy accessibility to databases and applications. An expanded attack surface has triggered the need for greater investments in vulnerability management (VM) solutions. Given this demand, the global VM market is expected to reach $2.51 billion by 2025, expanding at a compound annual growth rate (CAGR) of 16.3%.

From a regional perspective, North America will continue to dominate the VM market over the forecast period. The recent executive order to improve US cybersecurity is one of the main demand drivers in the region. Europe, the Middle East, and Africa (EMEA) will be the second-largest VM market as a result of regulations such as General Data Protection Regulations (GDPR). Finally, the growing significance of cybersecurity among end-users and rapid digital transformation initiatives encourage organizations to embrace VM in APAC and Central and Latin America.

The COVID-19 pandemic and the resulting work-from-home economy have expanded organizations' attack surface. With organizations adjusting to a new mode of business operations, VM capabilities for emerging platforms and applications will gain traction,In addition, as businesses embrace network-attached endpoints, cloud-based applications, and connected devices, the need for managing vulnerabilities in the extended attack surface will surge.

                                                                                                                                                                                                                                                                                                            Swetha R Krishnamoorthi, Senior Industry Analyst, Cybersecurity at Frost & Sullivan

Swetha added: "Organizations' move toward holistic and focused security will encourage vendors to integrate capabilities from upstream, downstream, and alternative applications. Over the next decade, there will also be a likely emergence of an 'integrated security posture assessment tool' that provides end-to-end risk management for enterprises."

Increased threats amid higher numbers of connected devices and regulatory requirements for organizations to perform regular vulnerability scanning and remediation will present lucrative growth prospects for VM vendors, including:
  • Addressing end-to-end vulnerability management workflow through an integrated platform by having an extensive list of integrations that enable an organization to pull in data from different tools and trigger workflows on other platforms from a single pane of glass.
  • Focusing on emerging economies and identifying local distribution partners and value-added resellers to boost expansion initiatives in emerging markets.
  • Leveraging managed security service providers (MSSPs) as a revenue source to expand the customer base by developing a separate pricing model that works well for both MSSPs and customers, ensuring profitability.
  • Expanding asset-type coverage to a non-conventional environment through strategic partnerships or inorganic deals with operational technology security vendors to hasten the acquisition of capabilities and achieve growth.

Global Vulnerability Management Market, Forecast to 2025 is the latest addition to Frost & Sullivan's Information & Communication Technology research and analyses available through the Frost & Sullivan Leadership Council, which helps organizations identify a continuous flow of growth opportunities to succeed in an unpredictable future.

About Frost & Sullivan
For six decades, Frost & Sullivan has been world-renowned for its role in helping investors, corporate leaders and governments navigate economic changes and identify disruptive technologies, Mega Trends, new business models, and companies to action, resulting in a continuous flow of growth opportunities to drive future success.

Spotlight

The Cybersecurity and Infrastructure Security Agency (CISA) leads the nation’s effort to understand, manage, and reduce cybersecurity risk, including by supporting Federal Civilian Executive Branch agencies in evolving and operationalizing cybersecurity programs and capabilities. CISA’s Zero Trust Maturity Model (ZTMM) provides an approach to achieve continued modernization efforts related to zero trust within a rapidly evolving environment and technology landscape. This ZTMM is one of many paths that an organization can take in designing and implementing their transition plan to zero trust architectures in accordance with Executive Order (EO) 14028 “Improving the Nation’s Cybersecurity” § (3)(b)(ii),1 which requires that agencies develop a plan to implement a Zero Trust Architecture (ZTA). While the ZTMM is specifically tailored for federal agencies as required by EO 14028, all organizations should review and consider adoption of the approaches outlined in this document.

Spotlight

The Cybersecurity and Infrastructure Security Agency (CISA) leads the nation’s effort to understand, manage, and reduce cybersecurity risk, including by supporting Federal Civilian Executive Branch agencies in evolving and operationalizing cybersecurity programs and capabilities. CISA’s Zero Trust Maturity Model (ZTMM) provides an approach to achieve continued modernization efforts related to zero trust within a rapidly evolving environment and technology landscape. This ZTMM is one of many paths that an organization can take in designing and implementing their transition plan to zero trust architectures in accordance with Executive Order (EO) 14028 “Improving the Nation’s Cybersecurity” § (3)(b)(ii),1 which requires that agencies develop a plan to implement a Zero Trust Architecture (ZTA). While the ZTMM is specifically tailored for federal agencies as required by EO 14028, all organizations should review and consider adoption of the approaches outlined in this document.

Related News

DATA SECURITY, ENTERPRISE SECURITY, SOFTWARE SECURITY

Qumulo Bolsters Customers’ Security and Ransomware Defenses with Varonis Integration and New Snapshot-Locking Capabilities

Businesswire | May 11, 2023

Qumulo, the simple way to manage exabyte-scale data anywhere, today announced integration with the Varonis Data Security Platform and introduced their new Snapshot-Locking capability to protect customers against ransomware. With an increasing number of ransomware attacks on private businesses, public agencies, and healthcare organizations, managing cybersecurity risk is a bigger priority than ever before. The ongoing threat of cyberattacks forces IT organizations to constantly evolve their ability to detect ransomware and malware outbreaks across petabytes of data, in real time, and respond quickly to minimize the damage inflicted. Qumulo and Varonis have partnered to provide an end-to-end solution that protects Qumulo customers from ransomware in both cloud and on-premises environments. The Varonis Data Security Platform provides real-time visibility and control over cloud and on-premises data and automatically remediates risk. Varonis’ behavior-based threat models detect abnormal activity proactively and can stop threats to data before they become breaches. In the storage layer, Qumulo offers data protection by cryptographically locking snapshots, allowing administrators a simple mechanism to stop attackers from infecting valuable customer data. “Securing unstructured data can be very challenging due to its sheer volume, and the expansive number of places it is stored and used by companies,” said Kiran Bhageshpur, Chief Technology Officer, Qumulo. “Our new integration with Varonis will help our customers have complete visibility into where their most valuable data and key vulnerabilities are, especially for threats like ransomware.” The combined solution operates across three areas to protect against bad actors’ attempts to spread ransomware and malware within Qumulo: Prevention through continuous data exposure and risk monitoring with automatic remediation and least privilege enforcement Detection of anomalous activity and activity patterns that resemble ransomware across data stored in Qumulo Rapid recovery of data in the event of a successful attack Varonis uses Qumulo’s APIs and granular audit logging to monitor user logins, permissions changes, file and folder activity, and pattern detection to warn against suspicious activity that may indicate threat actors or malicious insiders. Qumulo’s Snapshot-Locking feature uses cryptographic protection, where only the customer has access to the cryptographic key-pair required to unlock the snapshot. Together, the Qumulo-Varonis solution offers enterprise IT organizations a simple, secure, and scalable way to manage data anywhere. “Organizations face an uphill climb when it comes to securing vast amounts of data across the cloud — in fact, we surveyed more than 700 companies and found that 81 percent had sensitive SaaS data exposed,” said David Bass, Executive Vice President of Engineering and Chief Technology Officer, Varonis. “We’re pleased to be teaming with Qumulo to provide greater visibility and control for companies looking to secure their critical data and proactively help mitigate the impact of a potential attack.” About Qumulo, Inc. Qumulo is the simple way to manage exabyte-scale data anywhere — edge, core, or cloud — on the platform of your choice. In a world with trillions of files and objects comprising 100+ zettabytes worldwide, companies need a solution that combines the ability to work anywhere with simplicity. This is precisely what Qumulo was founded to accomplish. About Varonis Varonis is a pioneer in data security and analytics, fighting a different battle than conventional cybersecurity companies. Varonis focuses on protecting enterprise data: sensitive files and emails; confidential customer, patient, and employee data; financial records; strategic and product plans; and other intellectual property. The Varonis Data Security Platform detects cyber threats from both internal and external actors by analyzing data, account activity, and user behavior; prevents and limits disaster by locking down sensitive and stale data; and efficiently sustains a secure state with automation. Varonis products address additional important use cases including data protection, data governance, Zero Trust, compliance, data privacy, classification, and threat detection and response. Varonis started operations in 2005 and has customers spanning leading firms in the financial services, public, healthcare, industrial, insurance, technology, consumer and retail, energy and utilities, construction and engineering, and education sectors. Qumulo, Scale Anywhere(™) and the Qumulo logo are registered trademarks or trademarks of Qumulo, Inc. All other marks and names herein may be trademarks of other companies. Copyright © 2023. All Rights Reserved.

Read More

ENTERPRISE SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

ZeroFox Announces Generative AI Capabilities, Develops FoxGPT

Globenewswire | May 11, 2023

ZeroFox (Nasdaq: ZFOX), a leading external cybersecurity provider, announced its plans for releasing generative AI into its External Cybersecurity Platform with the preview of FoxGPT. FoxGPT capabilities will optimize intelligence analyst workflows with the ability to analyze and contextualize malicious content online, enhancing the ability to combat the growing sophistication of cybercriminals. Built by cybersecurity and intelligence professionals, for cybersecurity and intelligence professionals, ZeroFox commits to AI transparency, security, and privacy of information. Recent cutting-edge advancements in AI, including the release of GPT 3.5, followed by GPT 4.0, are part of a larger, fast-paced AI revolution poised to change how humans and technology interact. As companies embrace these advancements to streamline and automate certain aspects of their business, threat actors are also embracing generative AI capabilities for more sophisticated phishing and fraud, social engineering, spam, and the production of malicious content. ZeroFox's adaptation of generative AI, FoxGPT, accelerates the analysis and summarization of intelligence across large datasets, allowing the identification of malicious content, phishing attacks, and potential account takeovers. "We at ZeroFox are consistently dedicated to external cybersecurity innovation, and I'm thrilled to share the next step in our innovation roadmap with the development of generative AI capabilities within our platform, FoxGPT," said Mike Price, CTO at ZeroFox. "We understand the impact of generative AI and the risks of threat actors abusing it. We're committed to harnessing this technology while capturing explainable results and the security and confidentiality of customer data." ZeroFox has steadily integrated other machine learning capabilities into its platform over the past few years, enhancing its ability to keep pace with emerging technologies. FoxGPT is a significant advancement for ZeroFox, enabling it to provide even more powerful external cybersecurity platform capabilities. ZeroFox is committed to AI transparency, security, and privacy of information in order to give customers the confidence that their data is secure. ZeroFox plans to responsibly release FoxGPT to opt-in customers throughout the year. About ZeroFox ZeroFox (Nasdaq: ZFOX), an enterprise software-as-a-service leader in external cybersecurity, has redefined security outside the corporate perimeter on the internet, where businesses operate, and threat actors thrive. The ZeroFox platform combines advanced AI analytics, digital risk and privacy protection, full-spectrum threat intelligence, and a robust portfolio of breach, incident and takedown response capabilities to expose and disrupt phishing and fraud campaigns, botnet exposures, credential theft, impersonations, data breaches, and physical threats that target your brands, domains, people, and assets. Join thousands of customers, including some of the largest public sector organizations as well as finance, media, technology and retail companies to stay ahead of adversaries and address the entire lifecycle of external cyber risks. ZeroFox and the ZeroFox logo are trademarks or registered trademarks of ZeroFox, Inc. and/or its affiliates in the U.S. and other countries. Visit www.zerofox.com for more information.

Read More

DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

Keeper Security Debuts Sleek New User Interface for a Friendlier, More Intuitive Experience

Prnewswire | April 12, 2023

Keeper Security, the leading provider of zero-trust and zero-knowledge cybersecurity software protecting passwords, privileged access, secrets and remote connections, today announces a series of significant new User Interface (UI) updates to its password management platform for a friendlier and more intuitive experience. Keeper's upgraded user interface offers clearer distinctions between elements, as well as enhanced clarity and searchability, to improve the user experience and make it even easier to take advantage of Keeper's powerful features. "Our customers' satisfaction with their user experience is a priority for us. We are fanatical about creating solutions that are as user-friendly as they are secure" said Keeper CEO and Co-Founder, Darren Guccione. "At Keeper, our design and product teams are constantly working to modernize Keeper's cybersecurity products which ultimately unifies ease-of-use and world-class security." Keeper customers can expect an updated experience with this overhaul of the vault's user interface – offering a fresh, updated look with modern styling for a welcoming and streamlined appeal. Highlights to the updated UI include: Friendlier Interface: Keeper's streamlined UI will reduce grid lines and introduce cleaner colors and adjustable panes. Streamlined Usability: More efficient user workflows will reduce the number of clicks necessary to complete a task. Accessibility and Inclusion: Upgraded UI will provide colors, contrast and font/icon sizes compliant with Web Content Accessibility Guidelines (WCAG) standards. Advanced Search: New, easy-to-use filters will enable users to search their Keeper Vaults with the utmost flexibility. Onboarding: The new onboarding wizard provides a more welcoming guided experience to setting up a user's vault. Lost Records: Keeper will now show the shared folder name and record contents of all records that are deleted out of shared folders. When customers log into Keeper, they will immediately notice a refreshed Web and Desktop Vault featuring the new, modern UI. Animated record and folder details are displayed for better clarity, legibility and modern style, and users will be able to customize their individual colors. Users can now enjoy improved vault organization with modern interface elements such as modals, popups and dialogs – all improved to be equally functional and stylish. The interface will also display avatars with initials to allow teammates to quickly identify contacts when sharing records and folders. As Keeper expands into larger markets, the number of folders and records in enterprise vaults has increased exponentially, with some customers having tens of thousands of record counts. To address this, Keeper will now offer advanced search capabilities to quickly pinpoint data in the vault. This search function will allow users to specify one or more search operators that can be used in combination to locate folders and records – while also allowing for granular searches that include specific values in specific record fields. Meanwhile, the brand new Keeper Quick Search feature will show recently viewed items and provide lightning fast results. Also coming soon for Keeper's users is a new fixed-sized browser extension, which will stay consistent from screen to screen, and replicate the Web Vault improvements on mobile devices. The browser extension provides a more spacious design, easier identification of key fields, useful settings and features with easy-to-find logos, and simple navigation with new layouts. For mobile apps, the new UI will feature friendly elements that are easier to read and navigate on smaller screens. For iOS, Keeper users will benefit from performance improvements, faster speeds and enhanced search results to easily find folders and their contents – even with tens of thousands of records. Android users will see cleaner themes with a new default Light Mode and revamped user-selected themes to match Keeper's UI enhancements. Additional features include a navigation bar for quick access to important screens on the app and frictionless Multi-Factor Authentication (MFA) login. Keeper is taking an incremental approach to improving the user experience, continuously enhancing the look, feel and usability of its applications, while staying mindful of the importance of familiarity, consistency and the world-class functionality and security that Keeper users are accustomed to. For more information about Keeper's password management platform and the new updates, please visit Keeper's Documentation Portal and Release Notes. About Keeper Security Keeper Security is transforming the way people and organizations around the world secure their passwords, secrets and confidential information. Keeper's easy-to-use cybersecurity platform is built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance. Trusted by millions of individuals and thousands of organizations globally, Keeper is the leader for best-in-class password management, secrets management, privileged access, secure remote access and encrypted messaging. Protect what matters at KeeperSecurity.com.

Read More